Trojan Porn Clicker, disguised as the popular app Dubsmash, returned to the Google Play Store again after being retired about a month ago. Exact information about this recurring threat is available at WeLiveSecurity.com.
Emerging for the first time more than a month ago, Dubsmash 2 returned back in Google Play last week. Since then, it has been "loaded" repeatedly and successfully four times - always containing the same malicious code.
Although the fake application carrying the malicious code does not actually harm the average user, the problem occurs with pay-per-click advertising campaigns, as the porn clicker trojan was created with the aim of carrying out scams "click fraud».
Once turned on, malware generates large amounts of web traffic, contributing to large accounts. Interestingly, according to ESET's findings, this app attacks almost exclusively on Android devices that do not have a security solution installed.
"If there isn't one installed software AV, τότε ενεργοποιείται η πραγματική λειτουργικότητα της Dubsmash 2.
The trojan then requests a pornographic link from the server of. These links will be loaded every 60 seconds in WebView in an invisible window," explains Lukáš Štefanko, Malware Researcher at ESET.
The whole story about the trojan porn clicker is available at WeLiveSecurity.com.
